[WordPress Custom Login Admin Front-end CSS Plugin](versions 1.4.1 and older) Vulnerability to Server-Side Request Forgery (SSRF)
Importance (CVSS3.0)
★★★★★★★★☆☆ 8.2 / 10 - High
Details
A Server-Side Request Forgery (SSRF) vulnerability was discovered in WordPress Custom Login Admin Front-end CSS Plugin.
This vulnerability may allow malicious attackers to execute a website request to their arbitrary domain.
This vulnerability has been fixed in version 1.5.
Solutions
Update WordPress Custom Login Admin Front-end CSS Plugin to the latest version (at least 1.5 and newer).
Source
We provide information about critical vulnerabilities of WordPress for people who are using or are considering using Wordpress for their projects.
“[WordPress Custom Login Admin Front-end CSS Plugin](versions 1.4.1 and older) Vulnerability to Server-Side Request Forgery (SSRF) ”, by WS Security is licensed under CC BY 4.0.